package com.jerry.spring.security.jwt.expression;

import com.jerry.spring.security.jwt.domain.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 自定义权限校验
 *
 * @author jerry 2024/6/26 19:46
 */
@Component("se")
public class SecurityExpression {

    public boolean hasAnyAuthority(String... authorities) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        for (String authority : authorities) {
            if (permissions.contains(authority)) {
                return true;
            }
        }
        return false;
    }
}
